package com.lute.controller;

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.springframework.security.oauth2.common.json.JSONException;
import org.springframework.security.oauth2.common.json.JSONObject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.lute.json.AccountingPeriodVerificationJSON;
import com.lute.model.Approver;
import com.lute.model.ClientAccountingPeriodState;
import com.lute.model.Employee;
import com.lute.model.EmployeeAccountingPeriod;
import com.lute.model.EmployeeEntry;
import com.lute.model.UserEntitlement;
import com.lute.utils.ServerErrorResponse;

@Controller
public class AccountingPeriodVerificationServlet {
	
	@RequestMapping(value="/accountingPeriodVerification", method= RequestMethod.POST, headers="Content-type=application/json")
	public @ResponseBody String accountingPeriodVerification(@RequestBody String dataJSON, HttpServletRequest request) throws JSONException {
		String result = "";
		String userIdStr;
		String from;
		JSONObject jsonReq;
		JSONObject jsonRes = new JSONObject();
		
		HttpSession session = request.getSession(false);
		if(session == null) {
			jsonRes.put("result", ServerErrorResponse.USER_NOT_LOGGED_IN.toString());
			result = jsonRes.toString();
			return result;
		}
		
		try {
			jsonReq = new JSONObject(dataJSON);
			userIdStr = jsonReq.getString("userId");
			from = jsonReq.getString("from");
		} catch(JSONException e) {
			jsonRes.put("result", ServerErrorResponse.MALFORMED_REQUEST.toString());
			result = jsonRes.toString();
			return result;
		}
		
		/* check if json data was not malformed */
		if((jsonReq.isNull("userId")) && (jsonReq.isNull("from"))) {
			jsonRes.put("result",ServerErrorResponse.MALFORMED_REQUEST.toString());
			result = jsonRes.toString();
			return result;
		}
		
		String role = (String)session.getAttribute("role");
		
		/* check  authorization */
		if(!( (role.equals("employee")) || (role.equals("approver")) || (role.equals("clientAdmin")))) {
			jsonRes.put("result", ServerErrorResponse.USER_NOT_ENTITLED.toString());
			result = jsonRes.toString();
			System.out.println(result);
			return result;
		}
		
		int sessionUserId = (Integer)session.getAttribute("sessionUserId");
		int userId = Integer.parseInt(userIdStr);
		jsonRes.put("result", "");
		
		EmployeeAccountingPeriod employeeAccountingPeriod = null;
		
		try {
			
			employeeAccountingPeriod = UserEntitlement.checkUserPrivilegeToEmployeeAccountingPeriod(from,sessionUserId,userId,role,jsonRes);
			
			if(!(jsonRes.get("result").equals(""))) {
				result = jsonRes.toString();
				System.out.println(result);
				return result;
			}
			
		EmployeeAccountingPeriod.doAccountingPeriodVerification(employeeAccountingPeriod, jsonRes);
		
		if(!(jsonRes.get("result").equals(""))) {
			result = jsonRes.toString();
			System.out.println(result);
			return result;
		}
			
		} catch(NullPointerException npe) {
			jsonRes.put("result", ServerErrorResponse.INTERNAL_ERROR.toString());
			result = jsonRes.toString();
			System.out.println(result);
			return result;
		}
		
		//TODO: prepare the json response.
		result = jsonRes.toString();
		return result;
	}
}
